The Nerfherder

Editorials on the cross-section where politics and culture meet cyberspace

Friday, February 26, 2016

What Do Twitter Users Think of Trump Being Endorsed by Christie?

Just an hour or so ago, New Jersey Governor Chris Christie publicly endorsed Donald Trump for president. This is turning a lot of heads in pundit circles, however I wanted to just do a quick analysis of what people were saying about the endorsement on Twitter.

Running a python script of my own creation, I scraped 949 tweets referring to Trump over the course of a single minute (approximately an hour after the public endorsement). So this is neither a scientific nor a meaningfully large sample size by any means; rather, I just wanted to get a quick snapshot. All 949 tweets were then run through IBM's Alchemy engine for sentiment analysis so that we could get a sense of whether tweets about Trump were singing his praises, condemning him, or staking out a more neutral stance. Here are the data collected:

Sunday, February 21, 2016

Apple Challenges the Federal Court Ruling That It Must Create New Unlocking Software...

Yes, Apple and the federal government are at war with each other. In case you missed it, this week a federal court ordered Apple to unlock the iPhone of one of the San Bernardino terrorists who killed 14 people, and Apple is strongly challenging that ruling. The reasons why strike at the very heart of, not only digital privacy rights (which is how many are framing it), but also what constitutional checks will there be on the power of the federal government moving forward.

The center of this controversy is not whether the court can compel Apple to unlock an iPhone to provide user data to law enforcement authorities (it's legally clear that they can with a subpoena, and Apple has already done so with all of the San Bernardino shooter's data stored on iCloud); but the real issue is whether the court can compel Apple to create new software.

It comes across as absurd that the stated legal basis for the court's ruling is the All Writs Act of 1789, which is used to require people or businesses not involved in a case to execute court orders. I mean, come on. Using a law from 1789 to judge a case on digital encryption and software development severely damages the ruling's credibility in the public's eye, to say the least. One could almost feel the palpable collective eyeroll most Americans had upon hearing this.

The fact is, despite the All Writs Act of 1789, the Supreme Court has ruled that "the government cannot compel a third-party that is not involved in a crime to assist law enforcement if doing so would place 'unreasonable burdens' on it". Forcing Apple to create brand new software seems to be just such an unreasonable burden.

Of even more direct relevance is the case Bernstein v. Department of Justice, where a college student challenged a federal law that classified strong encryption tools as a form of arms munitions, and therefore forced him to register as an arms dealer in order to publish his encryption algorithm. In 1999, a judge ruled that the government cannot regulate cryptographic "software and related devices and technologies" because doing so would violate First Amendment protections of free speech on the grounds of prior restraint.

All of Silicon Valley as well as the hacktivist community at-large has come out in support of Apple's legal challenge. To what extent should the government be able to force third-party companies or individuals to, not just hand over subpoenaed information, but actually be forced to create new products to assist the government in carrying out its duties? We all want to be safe and assisting law enforcement in preventing attacks is clearly a public good. Again, Apple has already done that by handing over all of the data on the shooter they had access to. But a requirement to force a company to create new software (which, by the way, would be the equivalent of forcing the company to make an inferior product because it would turn all iOS products into less secure devices and, by doing so, would severely damage the company's commercial reputation)? The line has to be drawn somewhere.

Monday, February 08, 2016

When Hacktivism Should Receive First Amendment Protection...

I recently came across an article by Noah C. N. Hampson titled, "Hacktivism: A New Breed of Protest in a Networked World", in the Boston College International and Comparative Law Review. It's a great entry piece for anyone looking to become acquainted with the issue of hacktivism in relation to the First Amendment.

Hampson's main argument is that some forms of hacktivism are primarily expressive, not destructive, and that these acts sufficiently resemble traditional forms of protest enough to warrant protection from anti-hacking laws under widely accepted principles of Free Speech. Specifically, he calls out the Computer Fraud and Abuse Act in the U.S. for being so generally worded as to be dangerous in its potentially overly broad application.

He goes on to make a several noteworthy comments:

That "time, place, and manner" restrictions on the Internet are unclear. These are the laws that allow the authorities to determine when and how protests can occur (knowing they cannot censor or ban them altogether) in order to maintain public safety.

The "public forum doctrine" on the Internet is also unclear. This generally protects speech in "places by which long tradition or by government fiat have been devoted to assembly or debate".

The distinction between public versus private spaces on the Internet is often blurred. Again, this relates to the different bodies of law that have developed over time regarding the regulation of speech when it occurs on public versus private property.

It does not follow that if ANY harm is caused, then the act should be considered criminal; some costs (inconveniences/annoyances) must be tolerated as the price for freedom of expression.

These are all important points to raise. I would like to contribute the observation that all of the first three points are really about the public versus private distinction (or lack thereof). The "time, place, and manner" of a hacktivist protest cannot be physically relocated the way a planned protest at Madison Square Garden in New York City can be relocated by the authorities to Riverside Park. On the Internet, that physical dimension is meaningless, and the hacktivist target, by definition, is a server that is most likely a private server, rather than a public sidewalk. The question is: since the overwhelming majority of cyberspatial activities occurs on private servers, to what extent can First Amendment protections that traditionally apply to public spaces still be valid? For if hacktivism is deemed to only have First Amendment protections when applied to strictly public spaces, you might as well throw out the notion of Free Speech on the Internet altogether.

Which brings us to Hampson's second point which is a foundational question: To what extent is the Internet a public or a private space at all? Yes, its functional definition is that it is a network of mostly private networks, which would indicate that it ought to be legally considered a private space in the majority of cases. However, even though I may connect to the Internet through my private ISP and then my traffic or request for data might at some point traverse the private backbone of a provider like Cogent, all so that I can access my account on one of Facebook's privately owned servers in Silicon Valley, the sum is often considered greater than its parts when it comes to understanding how this thing called the Internet works. When I engage in cyberspace, I'm typically using only private resources to do what I do, yet there's an argument to be made, and certainly an enormous public perception, that many of these publicly accessible forums are indeed public spaces even if the resources that facilitate them are not. The First Amendment applies differently to public spaces than to private spaces. So we might be in need of legal clarification as to the Internet's hybrid status before we can determine its applicability to hacktivism.

Finally, as to Hampson's fourth point listed above, I'm inclined to disagree with his argument that even some harmful acts of hacktivism should warrant First Amendment protection. Anti-hacking laws such as the CFAA are designed to prevent unlawful intrusions, destruction, and theft. Yes, perhaps they are too generally worded and in need of revision. But I'm unsure of what type of "harm" exactly that Hampson is referring to that ought to be tolerated. He discusses website defacements, denial-of-service attacks that effectively shut down target websites, and other hacktivist tactics, although even after reading the article I find myself confused as to why he believes some of these are "harmful" while others are not. What test should be applied?

Anyway, this is terrific food for thought. I'm left questioning the public-private debate and how best to define "harm" in a hacktivist context. All First Amendment considerations will stem from these starting assumptions.